Clone patch from graphics/jasper for CVE-2014-9029, and adjust slightly

to match the older jasper that ships with ghostscript. (Unfortunately,
it's been modified so we can't have ghostscript use the pkgsrc version.)

3 files changed, 39 insertions, 3 deletions

diff --git a/print/ghostscript-gpl/Makefile b/print/ghostscript-gpl/Makefile
index 729d5ae45f2..04c0f633919 100644
--- a/print/ghostscript-gpl/Makefile
+++ b/print/ghostscript-gpl/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.14 2014/07/18 08:56:37 ryoon Exp $
+# $NetBSD: Makefile,v 1.15 2014/12/30 07:52:41 dholland Exp $
 
 DISTNAME=	ghostscript-${GS_VERSION}
 PKGNAME=	${DISTNAME:S/ghostscript/ghostscript-gpl/}
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	print
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=ghostscript/}
 MASTER_SITES+=	http://ghostscript.com/releases/
diff --git a/print/ghostscript-gpl/distinfo b/print/ghostscript-gpl/distinfo
index 21ea4c08d9e..f91ad37b713 100644
--- a/print/ghostscript-gpl/distinfo
+++ b/print/ghostscript-gpl/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.6 2014/07/18 08:56:37 ryoon Exp $
+$NetBSD: distinfo,v 1.7 2014/12/30 07:52:41 dholland Exp $
 
 SHA1 (ghostscript-9.06.tar.bz2) = 4c1c2b4cddd16d86b21f36ad4fc15f6100162238
 RMD160 (ghostscript-9.06.tar.bz2) = 11ef74cf783ec5f7cde0ceaaf2823a1f62fb4d1d
 Size (ghostscript-9.06.tar.bz2) = 29246039 bytes
 SHA1 (patch-CVE-2012-4405) = 1dcb4cfeceb366c144e0a1337c6ccc2d8e13e4ca
+SHA1 (patch-CVE-2014-9029) = 9636c7d6909fc0dec7ad2102b59fb14d599bac6a
 SHA1 (patch-af) = 79af4d253001f879f1b5d3ef93584ae7300361de
 SHA1 (patch-ah) = c8ca372123b98e054e460550b820479ba1f943b0
 SHA1 (patch-ai) = 8a3de7e097d3d893a0de4ea2936acf192f770c65
diff --git a/print/ghostscript-gpl/patches/patch-CVE-2014-9029 b/print/ghostscript-gpl/patches/patch-CVE-2014-9029
new file mode 100644
index 00000000000..9c62690f41d
--- /dev/null
+++ b/print/ghostscript-gpl/patches/patch-CVE-2014-9029
@@ -0,0 +1,35 @@
+$NetBSD: patch-CVE-2014-9029,v 1.1 2014/12/30 07:52:41 dholland Exp $
+
+Patch for CVE-2014-9029 from https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-9029
+(adjusted very slightly to match the jasper shipped with ghostscript)
+
+
+--- jasper/src/libjasper/jpc/jpc_dec.c.orig	2012-08-08 08:01:36.000000000 +0000
++++ jasper/src/libjasper/jpc/jpc_dec.c
+@@ -1294,7 +1294,7 @@ static int jpc_dec_process_coc(jpc_dec_t
+ 	jpc_coc_t *coc = &ms->parms.coc;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, coc->compno) > dec->numcomps) {
++	if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
+ 		jas_eprintf(
+ 		  "invalid component number in COC marker segment\n");
+ 		return -1;
+@@ -1321,7 +1321,7 @@ static int jpc_dec_process_rgn(jpc_dec_t
+ 	jpc_rgn_t *rgn = &ms->parms.rgn;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
++	if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
+ 		jas_eprintf(
+ 		  "invalid component number in RGN marker segment\n");
+ 		return -1;
+@@ -1371,7 +1371,7 @@ static int jpc_dec_process_qcc(jpc_dec_t
+ 	jpc_qcc_t *qcc = &ms->parms.qcc;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
++	if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
+ 		jas_eprintf(
+ 		  "invalid component number in QCC marker segment\n");
+ 		return -1;